diff --git a/404.html b/404.html index 27dd7cb..b6f5c66 100644 --- a/404.html +++ b/404.html @@ -4,7 +4,7 @@ - + @@ -28,11 +28,11 @@ - + - + - +
diff --git a/documentation/authentication/index.html b/documentation/authentication/index.html index d8226a3..2529d86 100644 --- a/documentation/authentication/index.html +++ b/documentation/authentication/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/documentation/proxy/index.html b/documentation/proxy/index.html index 180600c..d032093 100644 --- a/documentation/proxy/index.html +++ b/documentation/proxy/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/documentation/scalability/index.html b/documentation/scalability/index.html index fa81020..e18882d 100644 --- a/documentation/scalability/index.html +++ b/documentation/scalability/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/documentation/ui/index.html b/documentation/ui/index.html index 93628ec..44d90f9 100644 --- a/documentation/ui/index.html +++ b/documentation/ui/index.html @@ -4,7 +4,7 @@ - + @@ -33,11 +33,11 @@ - + - + - +
diff --git a/future-updates/index.html b/future-updates/index.html index 80b5351..ee433d5 100644 --- a/future-updates/index.html +++ b/future-updates/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/guides/getting-started/index.html b/guides/getting-started/index.html index d991610..5d49c99 100644 --- a/guides/getting-started/index.html +++ b/guides/getting-started/index.html @@ -4,7 +4,7 @@ - + @@ -31,12 +31,12 @@ - + - + - - + +
@@ -233,6 +233,8 @@

  • config: An object containing the configuration options for the authentication process. The available options are:
      +
    • required: +
      • AgeOver18: Whether the user is over 18 years old.
      • HealthID: Whether to include Health ID attestation.
      • IBAN: Whether to include IBAN attestation.
        • @@ -247,6 +249,9 @@

      • TaxNumber: Whether to include Tax Number attestation.

      • +
    • visibility: Enum to define the level of visibility returned after the authentication process.
      • +
    +
  • target: (optional) The URL to redirect to after the authentication process. If not provided there will be no redirect.
@@ -312,18 +317,21 @@

<script> function login() { const config = { - AgeOver18: true, - HealthID: true, - IBAN: true, - Loyalty: true, - mDL: true, - MSISDN: true, - PhotoId: true, - PID: true, - PowerOfRepresentation: true, - PseudonymDeferred: true, - Reservation: true, - TaxNumber: true + required: { + AgeOver18: true, + HealthID: false, + IBAN: false, + Loyalty: false, + mDL: false, + MSISDN: true, + PhotoId: true, + PID: true, + PowerOfRepresentation: true, + PseudonymDeferred: false, + Reservation: false, + TaxNumber: false + }, + visibility: Visibility.PUBLIC }; EUDILogin(config, "./homepage"); } diff --git a/guides/install-eudi-wallet/index.html b/guides/install-eudi-wallet/index.html index 8993de5..eca29d9 100644 --- a/guides/install-eudi-wallet/index.html +++ b/guides/install-eudi-wallet/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/guides/setup/index.html b/guides/setup/index.html index c913822..ca2137f 100644 --- a/guides/setup/index.html +++ b/guides/setup/index.html @@ -4,7 +4,7 @@ - + @@ -31,12 +31,12 @@ - + - + - - + +
diff --git a/impact/index.html b/impact/index.html index 8e50361..f7d7d0a 100644 --- a/impact/index.html +++ b/impact/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/index.html b/index.html index cdefefc..1c3ef50 100644 --- a/index.html +++ b/index.html @@ -4,7 +4,7 @@ - + @@ -31,12 +31,12 @@ - + - + - - + +
diff --git a/references/index.html b/references/index.html index c155db7..a86ebfd 100644 --- a/references/index.html +++ b/references/index.html @@ -4,7 +4,7 @@ - + @@ -31,11 +31,11 @@ - + - + - +
diff --git a/resources/js/config.js b/resources/js/config.js index b90492e..8ae05f0 100644 --- a/resources/js/config.js +++ b/resources/js/config.js @@ -1 +1 @@ -var __DOCS_CONFIG__ = {"id":"2Kuy+hlJU3pGFP2+1691w10f30yyLUGZg2v","key":"S9xRXnocvbx34xaRksCWaBF5QyPZiOxGXX7xz9yRihI.sobG5Hgj8+6JBsBxvs9D2h7hX27eD7JytfXlJOQiubFR9429CWWAVviVs8dLHk0y+EpsQ6CqxjfoDTUo5fvrmg.83","base":"/eudi-login/","host":"dmg-techlabs.github.io","version":"1.0.0","useRelativePaths":true,"documentName":"index.html","appendDocumentName":false,"trailingSlash":true,"preloadSearch":false,"cacheBustingToken":"3.6.0.793197725917","cacheBustingStrategy":"query","sidebarFilterPlaceholder":"Filter","toolbarFilterPlaceholder":"Filter","showSidebarFilter":true,"filterNotFoundMsg":"No member names found containing the query \"{query}\"","maxHistoryItems":15,"homeIcon":"","access":[{"value":"public","label":"Public"},{"value":"protected","label":"Protected"}],"toolbarLinks":[{"id":"fields","label":"Fields"},{"id":"properties","label":"Properties"},{"id":"methods","label":"Methods"},{"id":"events","label":"Events"}],"sidebar":[{"n":"/","l":"Home","s":""},{"n":"guides","l":"Guides","c":false,"i":[{"n":"getting-started","l":"Getting Started","s":""},{"n":"install-eudi-wallet","l":"Install EUDI Wallet","s":""},{"n":"setup","l":"Setup","s":""}],"s":""},{"n":"documentation","l":"Documentation","c":false,"i":[{"n":"authentication","l":"Authorization Process","s":""},{"n":"proxy","l":"Proxy","s":""},{"n":"scalability","l":"Scalability","s":""},{"n":"ui","l":"UI","s":""}],"s":""},{"n":"future-updates","l":"Future Updates","s":""},{"n":"impact","l":"Impact","s":""},{"n":"references","l":"References","s":""}],"search":{"mode":0,"minChars":2,"maxResults":20,"placeholder":"Search","hotkeys":["k"],"noResultsFoundMsg":"Sorry, no results found.","recognizeLanguages":true,"languages":[0],"preload":false},"resources":{"History_Title_Label":"History","History_ClearLink_Label":"Clear","History_NoHistory_Label":"No history items","API_AccessFilter_Label":"Access","API_ParameterSection_Label":"PARAMETERS","API_SignatureSection_Label":"SIGNATURE","API_CopyHint_Label":"Copy","API_CopyNameHint_Label":"Copy name","API_CopyLinkHint_Label":"Copy link","API_CopiedAckHint_Label":"Copied!","API_MoreOverloads_Label":"more","API_MoreDropdownItems_Label":"More","API_OptionalParameter_Label":"optional","API_DefaultParameterValue_Label":"Default value","API_InheritedFilter_Label":"Inherited","Search_Input_Placeholder":"Search","Toc_Contents_Label":"Contents","Toc_RelatedClasses_Label":"Related Classes","History_JustNowTime_Label":"just now","History_AgoTime_Label":"ago","History_YearTime_Label":"y","History_MonthTime_Label":"mo","History_DayTime_Label":"d","History_HourTime_Label":"h","History_MinuteTime_Label":"m","History_SecondTime_Label":"s"}}; +var __DOCS_CONFIG__ = {"id":"F1694rXvZLFavLVz5DptmrInjei5NxIOo7k","key":"zVZVc+UPynq3YXJSVO04+z6mHe50fnF/6EKtFhYsrxA.dJUbuwAVtJBaYMgjePlVVjVB88QnMGQq/Ny6W2ik1Mysqsg6IYJWl9Wavb9MOLceBXQmXcY7W76jgqBl4fUrhg.5","base":"/eudi-login/","host":"dmg-techlabs.github.io","version":"1.0.0","useRelativePaths":true,"documentName":"index.html","appendDocumentName":false,"trailingSlash":true,"preloadSearch":false,"cacheBustingToken":"3.6.0.793197994865","cacheBustingStrategy":"query","sidebarFilterPlaceholder":"Filter","toolbarFilterPlaceholder":"Filter","showSidebarFilter":true,"filterNotFoundMsg":"No member names found containing the query \"{query}\"","maxHistoryItems":15,"homeIcon":"","access":[{"value":"public","label":"Public"},{"value":"protected","label":"Protected"}],"toolbarLinks":[{"id":"fields","label":"Fields"},{"id":"properties","label":"Properties"},{"id":"methods","label":"Methods"},{"id":"events","label":"Events"}],"sidebar":[{"n":"/","l":"Home","s":""},{"n":"guides","l":"Guides","c":false,"i":[{"n":"getting-started","l":"Getting Started","s":""},{"n":"install-eudi-wallet","l":"Install EUDI Wallet","s":""},{"n":"setup","l":"Setup","s":""}],"s":""},{"n":"documentation","l":"Documentation","c":false,"i":[{"n":"authentication","l":"Authorization Process","s":""},{"n":"proxy","l":"Proxy","s":""},{"n":"scalability","l":"Scalability","s":""},{"n":"ui","l":"UI","s":""}],"s":""},{"n":"future-updates","l":"Future Updates","s":""},{"n":"impact","l":"Impact","s":""},{"n":"references","l":"References","s":""}],"search":{"mode":0,"minChars":2,"maxResults":20,"placeholder":"Search","hotkeys":["k"],"noResultsFoundMsg":"Sorry, no results found.","recognizeLanguages":true,"languages":[0],"preload":false},"resources":{"History_Title_Label":"History","History_ClearLink_Label":"Clear","History_NoHistory_Label":"No history items","API_AccessFilter_Label":"Access","API_ParameterSection_Label":"PARAMETERS","API_SignatureSection_Label":"SIGNATURE","API_CopyHint_Label":"Copy","API_CopyNameHint_Label":"Copy name","API_CopyLinkHint_Label":"Copy link","API_CopiedAckHint_Label":"Copied!","API_MoreOverloads_Label":"more","API_MoreDropdownItems_Label":"More","API_OptionalParameter_Label":"optional","API_DefaultParameterValue_Label":"Default value","API_InheritedFilter_Label":"Inherited","Search_Input_Placeholder":"Search","Toc_Contents_Label":"Contents","Toc_RelatedClasses_Label":"Related Classes","History_JustNowTime_Label":"just now","History_AgoTime_Label":"ago","History_YearTime_Label":"y","History_MonthTime_Label":"mo","History_DayTime_Label":"d","History_HourTime_Label":"h","History_MinuteTime_Label":"m","History_SecondTime_Label":"s"}}; diff --git a/resources/js/search.json b/resources/js/search.json index def3202..c4257ee 100644 --- a/resources/js/search.json +++ b/resources/js/search.json @@ -1 +1 @@ -[[{"l":"eudi-login","p":["Login service and SDK that leverages the EUDI Wallet functionality"]},{"l":"Get Started"},{"l":"Endpoints","p":["localhost:80: Demo App using the eudi-login service including just the SDK","localhost:8080: The eudi-login service"]},{"l":"Documentation","p":["Documentation for this project can be found in the docs/ directory or in the documentation site hosted here"]},{"l":"Authors","p":["KDesp73(Konstantinos Despoinidis)","creatorkostas(Konstantinos Mokas)","ThanasisGeorg(Athanasios Georgalis)"]}],[{"l":"Getting Started"},{"l":"Adding the EUDI SDK to your project","p":["The EUDI SDK is a JavaScript library that allows you to integrate the EUDI Wallet into your application. To use the SDK, you need to include the eudi-sdk.js file in your HTML file.","The SDK is temporarily hosted on GitHub. It will be moved to a CDN in the future."]},{"l":"Initializing the SDK","p":["To use the SDK, you need to pass into the EUDILogin function (that is used to start the authentication process) the configuration options.","config: An object containing the configuration options for the authentication process. The available options are:","AgeOver18: Whether the user is over 18 years old.","HealthID: Whether to include Health ID attestation.","IBAN: Whether to include IBAN attestation.","Loyalty: Whether to include Loyalty attestation.","mDL: Whether to include mobile Driver’s License (mDL) attestation.","MSISDN: Whether to include MSISDN (phone number) attestation.","PhotoId: Whether to include Photo ID attestation.","PID: Whether to include Personal ID (PID) attestation.","PowerOfRepresentation: Whether to include Power of Representation attestation.","PseudonymDeferred: Whether to include Pseudonym Deferred attestation.","Reservation: Whether to include Reservation attestation.","TaxNumber: Whether to include Tax Number attestation.","target: (optional) The URL to redirect to after the authentication process. If not provided there will be no redirect."]},{"l":"Handling the authentication result","p":["After the authentication process is complete, the SDK will redirect to the specified target URL. If the authentication process is successful, the URL will contain the user's data in the query parameters. If the authentication process is cancelled or fails, the URL will contain an error message.","Possible values for the event.data property are:","Missing attestations: The user did not provide all required attestations.","Cancelled: The authentication process was cancelled.","An object containing the user's data."]},{"l":"Retrieving the user data","p":["To retrieve the user data, you can use the EUDILoadData function. This function returns a Map object that contains the user's data.","The Map object contains the following keys:","AgeOver18: The user's age verified by the EUDI Wallet.","HealthID: The user's Health ID.","IBAN: The user's IBAN.","Loyalty: The user's Loyalty card number.","mDL: The user's mDL number.","MSISDN: The user's MSISDN (phone number).","PhotoId: The user's Photo ID.","PID: The user's Personal ID.","PowerOfRepresentation: The user's Power of Representation.","PseudonymDeferred: The user's Pseudonym Deferred.","Reservation: The user's Reservation.","TaxNumber: The user's Tax Number."]},{"l":"Example","p":["Here's an example of how to use the SDK in a simple HTML file:","In this example, the user will be prompted to login with the EUDI Wallet. After the authentication process is complete, the user will be redirected to https://your-domain.com/homepage."]}],[{"l":"Install EUDI Wallet","p":["You can find detailed installation instructions in the official EUDI Wallet repository"]}],[{"l":"Setup","p":["The following steps will help you get started."]},{"i":"step-1-clone-the-repository","l":"Step 1: Clone the repository"},{"i":"step-2-start-the-application","l":"Step 2: Start the application","p":["If there is onether service running on port 80, 443, 8080, 8443 you need to stop it first or change the ports in the docker-compose.yml file.","If you have not installed the make tool on your system, you can use the following command:"]},{"i":"step-3-open-the-demo-application-in-your-browser","l":"Step 3: Open the demo application in your browser","p":["Open your browser and navigate to http://localhost:80.(No custom configuration needed)"]},{"l":"Stop the application","p":["If you have started the application using Docker Compose command, you can also use the following command:"]},{"l":"Logic of this setup","p":["This setup is based on the following principles:","The application is hosted on a Docker container.","The demo application is configured to run on port localhost:80.","The backend is configured to run on port localhost:8080.","The demo application and backend are configured to start using the docker-compose.yml file.","The Makefile file is used to define the commands for starting and stopping the application. The docker-compose.yml file is used to define the services that are part of the application. The retype.yml file is used to define the documentation for the application.","The Demo application which resembles a banking application is usind the EUDI Wallet for authenticating the user. This is achived by using the EUDI SDK which is a JavaScript library that allows you to integrate the EUDI Wallet into your application. The Backend is responsible for handling the authentication process and returning the user data to the Demo application."]}],[{"l":"Authorization Process"},{"l":"Overview","p":["This document describes the authorization process facilitated through the EUDI Wallet. The process ensures secure identity verification by interacting with the /ui/presentations endpoint and handling user authentication via QR codes."]},{"l":"Steps"},{"l":"1. Initialize Transaction","p":["The system initializes an authorization transaction using a predefined configuration.","This configuration defines the required attestations and constructs the request body accordingly.","The constructed request body is sent to the /ui/presentations endpoint via the proxy.","The response contains transaction information, confirming the transaction's initialization."]},{"l":"2. Generate QR Code for Authentication","p":["Using the client_id and request_uri from the response, a URI is created.","The URI is encoded into a QR code.","On mobile devices, a button is displayed for initiating authentication."]},{"l":"3. Poll for Authorization Status","p":["The system immediately starts polling the /ui/presentations/{transaction_id} endpoint via the proxy.","Polling continues for a maximum of 2 minutes, checking for user confirmation."]},{"i":"4-user-confirmation--authentication-completion","l":"4. User Confirmation & Authentication Completion","p":["The user confirms the transaction in the EUDI Wallet application.","If the user holds all required attestations, the authorization is marked as complete.","Otherwise a dialog appears with a message informing the user that he is missing a required document.","The user is redirected to the original website upon successful authentication."]},{"l":"Security Considerations","p":["Polling Timeout: The system enforces a 2-minute timeout to prevent indefinite polling.","QR Code Encoding: The authentication URI is securely encoded to avoid manipulation.","Proxy Handling: Requests pass through a secure proxy to prevent direct exposure of backend endpoints."]},{"l":"Conclusion","p":["This process ensures secure and efficient user authentication using the EUDI Wallet, minimizing security risks while maintaining a seamless user experience."]}],[{"l":"Proxy"},{"l":"Overview","p":["This document explains the functionality of two PHP files that implement a proxy system. The proxy is designed to securely forward HTTP requests while enforcing access control policies and preventing security vulnerabilities such as SSRF (Server-Side Request Forgery)."]},{"i":"file-1-redirectphp","l":"File 1: redirect.php"},{"l":"Purpose","p":["This script acts as an HTTP proxy, forwarding client requests to backend services while enforcing security policies. It ensures that only allowed origins can access the proxy and prevents unauthorized access to internal network resources."]},{"l":"Key Features","p":["CORS Handling: Implements Cross-Origin Resource Sharing (CORS) to control which origins can access the proxy.","Request Forwarding: Extracts the target URL from the request and forwards it using cURL.","SSRF Protection: Checks if the target URL resolves to an internal IP and blocks such requests.","Error Handling: Ensures invalid requests return appropriate HTTP error codes and messages.","Security Enhancements: Prevents XSS attacks by sanitizing output data."]},{"i":"file-2-proxyphp","l":"File 2: proxy.php"},{"i":"purpose-1","l":"Purpose","p":["This file defines the Proxy class, which manages the allowed proxy endpoints and retrieves the appropriate target URL for forwarding."]},{"i":"key-features-1","l":"Key Features","p":["Configuration Loading: Reads allowed proxy target mappings from a JSON file.","Validation: Ensures that only predefined paths are accessible through the proxy.","URL Resolution: Matches incoming request paths to valid target URLs."]},{"l":"Security Considerations","p":["CORS Restrictions: Only specific origins can access the proxy to prevent unauthorized cross-origin requests.","SSRF Mitigation: Internal and reserved IP addresses are blocked from being accessed via the proxy.","Input Sanitization: Ensures only valid JSON and URLs are processed, reducing the risk of injection attacks."]},{"l":"Conclusion","p":["These PHP scripts work together to provide a secure proxy mechanism for forwarding requests to predefined backend services. The implementation follows best security practices to mitigate common web vulnerabilities while ensuring flexibility in handling API requests."]}],[{"l":"Scalability"},{"l":"Introduction","p":["This section will provide the possible ways to scale this application."]},{"l":"Possible solutions","p":["Some of the possible solutions to scale this application are:"]},{"l":"Vertical scaling","p":["Vertical scaling involves adding more resources to a single machine to handle increased traffic."]},{"l":"Horizontal scaling","p":["Horizontal scaling involves adding more machines to the cluster to handle increased traffic.","One way to achieve horizontal scaling is by using a load balancer. A load balancer distributes incoming traffic across multiple servers to ensure that no single server is overwhelmed. Another way to achieve vertical scaling is by using a container orchestration platform like Kubernetes. Kubernetes provides a way to manage and deploy containerized applications across multiple nodes in a cluster by running multiple replicas of your application and using a load balancer."]}],[{"l":"UI"},{"l":"Overview","p":["The EU Digital Identity Wallet (EUDI Wallet) is a digital authentication and verification system that allows users to securely store and share their identity credentials."]},{"l":"Authentication Process"},{"l":"1. Login Selection","p":["Users can log in using the EUDI Wallet instead of Google authentication.","This provides flexibility for users who may not want to use traditional authentication methods.","Login Options"]},{"l":"2. Data Sharing Consent","p":["Age Verification (Over 18)","Data Sharing Consent","Health ID","IBAN (Banking Information)","Loyalty Membership","Mobile Driver’s License","Personal Identification (PID)","Phone Number","Photo ID","Power of Representation","Pseudonym Deferred","Reservation Data","Tax Number","The following data types may be requested:","Users are asked to approve data sharing with the requesting service.","Users can either Cancel or Continue to proceed."]},{"l":"3. QR Code Authentication","p":["Users are presented with a QR Code that they must scan using their EUDI Wallet app.","Alternatively, they can click the \"Open Wallet\" button to proceed.","QR Code Authentication"]},{"l":"Programming Languages","p":["For this site the programming languages that has been used are","HTML","CSS","Javascript"]},{"l":"Conclusion","p":["The EU Digital Identity Wallet simplifies authentication while maintaining strong security and privacy standards. It enables seamless digital identity verification for users across different platforms."]}],[{"l":"Future Updates","p":["We are constantly working on improving the EUDI Authentication SDK and adding new features. Here are some of the upcoming updates:","Support for RSA encryption to enhance security and privacy.","Serving the SDK from a CDN to improve performance and accessibility.","Providing the SDK in other languages, such as Python, Java, Kotlin and more.","Improve the security of the authentication process by running it on the server.","Support for developers to request specific attestation fields.","Support for more attestation formats.","More customization options for the UI."]}],[{"l":"Impact"},{"l":"1. Enhancing Digital Identity Management","p":["The EUDI SDK facilitates seamless integration of the European Digital Identity (EUDI) Wallet into applications, allowing users to verify their identity securely and efficiently. This improves trust in online services and reduces reliance on traditional authentication methods."]},{"i":"2-strengthening-security--privacy","l":"2. Strengthening Security & Privacy","p":["By leveraging cryptographic attestations, the SDK minimizes risks associated with identity fraud and unauthorized access. Users have greater control over their personal data, sharing only what is necessary for a specific service."]},{"l":"3. Streamlining Authentication Processes","p":["The SDK eliminates cumbersome identity verification procedures, replacing them with a standardized, user-friendly authentication system. This reduces friction in user onboarding and login experiences."]},{"l":"4. Enabling Compliance with EU Regulations","p":["The EUDI SDK aligns with EU regulations on digital identity and data protection, helping businesses and institutions comply with legal requirements while improving user experience."]},{"l":"5. Reducing Administrative Overhead","p":["Organizations can rely on the SDK to automate identity verification, reducing manual processing time and administrative costs. This is particularly beneficial for sectors like banking, healthcare, and government services."]},{"l":"6. Encouraging Interoperability","p":["The SDK supports various attestations (e.g., Age Over 18, IBAN, Health ID), making it adaptable for multiple use cases across industries. Its interoperability ensures smooth adoption within the broader European digital identity ecosystem."]},{"l":"7. Empowering Users with Self-Sovereign Identity","p":["By allowing individuals to manage and share their identity credentials digitally, the SDK promotes self-sovereign identity principles, granting users more autonomy over their digital presence."]},{"l":"8. Driving Digital Transformation","p":["Adoption of the EUDI SDK accelerates digital transformation efforts by replacing legacy authentication methods with a modern, standardized digital identity solution. This fosters innovation in both public and private sectors."]}],[{"l":"References","p":["cbor-x","qrcode"]}]] \ No newline at end of file +[[{"l":"eudi-login","p":["Login service and SDK that leverages the EUDI Wallet functionality"]},{"l":"Get Started"},{"l":"Endpoints","p":["localhost:80: Demo App using the eudi-login service including just the SDK","localhost:8080: The eudi-login service"]},{"l":"Documentation","p":["Documentation for this project can be found in the docs/ directory or in the documentation site hosted here"]},{"l":"Authors","p":["KDesp73(Konstantinos Despoinidis)","creatorkostas(Konstantinos Mokas)","ThanasisGeorg(Athanasios Georgalis)"]}],[{"l":"Getting Started"},{"l":"Adding the EUDI SDK to your project","p":["The EUDI SDK is a JavaScript library that allows you to integrate the EUDI Wallet into your application. To use the SDK, you need to include the eudi-sdk.js file in your HTML file.","The SDK is temporarily hosted on GitHub. It will be moved to a CDN in the future."]},{"l":"Initializing the SDK","p":["AgeOver18: Whether the user is over 18 years old.","config: An object containing the configuration options for the authentication process. The available options are:","HealthID: Whether to include Health ID attestation.","IBAN: Whether to include IBAN attestation.","Loyalty: Whether to include Loyalty attestation.","mDL: Whether to include mobile Driver’s License (mDL) attestation.","MSISDN: Whether to include MSISDN (phone number) attestation.","PhotoId: Whether to include Photo ID attestation.","PID: Whether to include Personal ID (PID) attestation.","PowerOfRepresentation: Whether to include Power of Representation attestation.","PseudonymDeferred: Whether to include Pseudonym Deferred attestation.","required:","Reservation: Whether to include Reservation attestation.","target: (optional) The URL to redirect to after the authentication process. If not provided there will be no redirect.","TaxNumber: Whether to include Tax Number attestation.","To use the SDK, you need to pass into the EUDILogin function (that is used to start the authentication process) the configuration options.","visibility: Enum to define the level of visibility returned after the authentication process."]},{"l":"Handling the authentication result","p":["After the authentication process is complete, the SDK will redirect to the specified target URL. If the authentication process is successful, the URL will contain the user's data in the query parameters. If the authentication process is cancelled or fails, the URL will contain an error message.","Possible values for the event.data property are:","Missing attestations: The user did not provide all required attestations.","Cancelled: The authentication process was cancelled.","An object containing the user's data."]},{"l":"Retrieving the user data","p":["To retrieve the user data, you can use the EUDILoadData function. This function returns a Map object that contains the user's data.","The Map object contains the following keys:","AgeOver18: The user's age verified by the EUDI Wallet.","HealthID: The user's Health ID.","IBAN: The user's IBAN.","Loyalty: The user's Loyalty card number.","mDL: The user's mDL number.","MSISDN: The user's MSISDN (phone number).","PhotoId: The user's Photo ID.","PID: The user's Personal ID.","PowerOfRepresentation: The user's Power of Representation.","PseudonymDeferred: The user's Pseudonym Deferred.","Reservation: The user's Reservation.","TaxNumber: The user's Tax Number."]},{"l":"Example","p":["Here's an example of how to use the SDK in a simple HTML file:","In this example, the user will be prompted to login with the EUDI Wallet. After the authentication process is complete, the user will be redirected to https://your-domain.com/homepage."]}],[{"l":"Install EUDI Wallet","p":["You can find detailed installation instructions in the official EUDI Wallet repository"]}],[{"l":"Setup","p":["The following steps will help you get started."]},{"i":"step-1-clone-the-repository","l":"Step 1: Clone the repository"},{"i":"step-2-start-the-application","l":"Step 2: Start the application","p":["If there is onether service running on port 80, 443, 8080, 8443 you need to stop it first or change the ports in the docker-compose.yml file.","If you have not installed the make tool on your system, you can use the following command:"]},{"i":"step-3-open-the-demo-application-in-your-browser","l":"Step 3: Open the demo application in your browser","p":["Open your browser and navigate to http://localhost:80.(No custom configuration needed)"]},{"l":"Stop the application","p":["If you have started the application using Docker Compose command, you can also use the following command:"]},{"l":"Logic of this setup","p":["This setup is based on the following principles:","The application is hosted on a Docker container.","The demo application is configured to run on port localhost:80.","The backend is configured to run on port localhost:8080.","The demo application and backend are configured to start using the docker-compose.yml file.","The Makefile file is used to define the commands for starting and stopping the application. The docker-compose.yml file is used to define the services that are part of the application. The retype.yml file is used to define the documentation for the application.","The Demo application which resembles a banking application is usind the EUDI Wallet for authenticating the user. This is achived by using the EUDI SDK which is a JavaScript library that allows you to integrate the EUDI Wallet into your application. The Backend is responsible for handling the authentication process and returning the user data to the Demo application."]}],[{"l":"Authorization Process"},{"l":"Overview","p":["This document describes the authorization process facilitated through the EUDI Wallet. The process ensures secure identity verification by interacting with the /ui/presentations endpoint and handling user authentication via QR codes."]},{"l":"Steps"},{"l":"1. Initialize Transaction","p":["The system initializes an authorization transaction using a predefined configuration.","This configuration defines the required attestations and constructs the request body accordingly.","The constructed request body is sent to the /ui/presentations endpoint via the proxy.","The response contains transaction information, confirming the transaction's initialization."]},{"l":"2. Generate QR Code for Authentication","p":["Using the client_id and request_uri from the response, a URI is created.","The URI is encoded into a QR code.","On mobile devices, a button is displayed for initiating authentication."]},{"l":"3. Poll for Authorization Status","p":["The system immediately starts polling the /ui/presentations/{transaction_id} endpoint via the proxy.","Polling continues for a maximum of 2 minutes, checking for user confirmation."]},{"i":"4-user-confirmation--authentication-completion","l":"4. User Confirmation & Authentication Completion","p":["The user confirms the transaction in the EUDI Wallet application.","If the user holds all required attestations, the authorization is marked as complete.","Otherwise a dialog appears with a message informing the user that he is missing a required document.","The user is redirected to the original website upon successful authentication."]},{"l":"Security Considerations","p":["Polling Timeout: The system enforces a 2-minute timeout to prevent indefinite polling.","QR Code Encoding: The authentication URI is securely encoded to avoid manipulation.","Proxy Handling: Requests pass through a secure proxy to prevent direct exposure of backend endpoints."]},{"l":"Conclusion","p":["This process ensures secure and efficient user authentication using the EUDI Wallet, minimizing security risks while maintaining a seamless user experience."]}],[{"l":"Proxy"},{"l":"Overview","p":["This document explains the functionality of two PHP files that implement a proxy system. The proxy is designed to securely forward HTTP requests while enforcing access control policies and preventing security vulnerabilities such as SSRF (Server-Side Request Forgery)."]},{"i":"file-1-redirectphp","l":"File 1: redirect.php"},{"l":"Purpose","p":["This script acts as an HTTP proxy, forwarding client requests to backend services while enforcing security policies. It ensures that only allowed origins can access the proxy and prevents unauthorized access to internal network resources."]},{"l":"Key Features","p":["CORS Handling: Implements Cross-Origin Resource Sharing (CORS) to control which origins can access the proxy.","Request Forwarding: Extracts the target URL from the request and forwards it using cURL.","SSRF Protection: Checks if the target URL resolves to an internal IP and blocks such requests.","Error Handling: Ensures invalid requests return appropriate HTTP error codes and messages.","Security Enhancements: Prevents XSS attacks by sanitizing output data."]},{"i":"file-2-proxyphp","l":"File 2: proxy.php"},{"i":"purpose-1","l":"Purpose","p":["This file defines the Proxy class, which manages the allowed proxy endpoints and retrieves the appropriate target URL for forwarding."]},{"i":"key-features-1","l":"Key Features","p":["Configuration Loading: Reads allowed proxy target mappings from a JSON file.","Validation: Ensures that only predefined paths are accessible through the proxy.","URL Resolution: Matches incoming request paths to valid target URLs."]},{"l":"Security Considerations","p":["CORS Restrictions: Only specific origins can access the proxy to prevent unauthorized cross-origin requests.","SSRF Mitigation: Internal and reserved IP addresses are blocked from being accessed via the proxy.","Input Sanitization: Ensures only valid JSON and URLs are processed, reducing the risk of injection attacks."]},{"l":"Conclusion","p":["These PHP scripts work together to provide a secure proxy mechanism for forwarding requests to predefined backend services. The implementation follows best security practices to mitigate common web vulnerabilities while ensuring flexibility in handling API requests."]}],[{"l":"Scalability"},{"l":"Introduction","p":["This section will provide the possible ways to scale this application."]},{"l":"Possible solutions","p":["Some of the possible solutions to scale this application are:"]},{"l":"Vertical scaling","p":["Vertical scaling involves adding more resources to a single machine to handle increased traffic."]},{"l":"Horizontal scaling","p":["Horizontal scaling involves adding more machines to the cluster to handle increased traffic.","One way to achieve horizontal scaling is by using a load balancer. A load balancer distributes incoming traffic across multiple servers to ensure that no single server is overwhelmed. Another way to achieve vertical scaling is by using a container orchestration platform like Kubernetes. Kubernetes provides a way to manage and deploy containerized applications across multiple nodes in a cluster by running multiple replicas of your application and using a load balancer."]}],[{"l":"UI"},{"l":"Overview","p":["The EU Digital Identity Wallet (EUDI Wallet) is a digital authentication and verification system that allows users to securely store and share their identity credentials."]},{"l":"Authentication Process"},{"l":"1. Login Selection","p":["Users can log in using the EUDI Wallet instead of Google authentication.","This provides flexibility for users who may not want to use traditional authentication methods.","Login Options"]},{"l":"2. Data Sharing Consent","p":["Age Verification (Over 18)","Data Sharing Consent","Health ID","IBAN (Banking Information)","Loyalty Membership","Mobile Driver’s License","Personal Identification (PID)","Phone Number","Photo ID","Power of Representation","Pseudonym Deferred","Reservation Data","Tax Number","The following data types may be requested:","Users are asked to approve data sharing with the requesting service.","Users can either Cancel or Continue to proceed."]},{"l":"3. QR Code Authentication","p":["Users are presented with a QR Code that they must scan using their EUDI Wallet app.","Alternatively, they can click the \"Open Wallet\" button to proceed.","QR Code Authentication"]},{"l":"Programming Languages","p":["For this site the programming languages that has been used are","HTML","CSS","Javascript"]},{"l":"Conclusion","p":["The EU Digital Identity Wallet simplifies authentication while maintaining strong security and privacy standards. It enables seamless digital identity verification for users across different platforms."]}],[{"l":"Future Updates","p":["We are constantly working on improving the EUDI Authentication SDK and adding new features. Here are some of the upcoming updates:","Support for RSA encryption to enhance security and privacy.","Serving the SDK from a CDN to improve performance and accessibility.","Providing the SDK in other languages, such as Python, Java, Kotlin and more.","Improve the security of the authentication process by running it on the server.","Support for developers to request specific attestation fields.","Support for more attestation formats.","More customization options for the UI."]}],[{"l":"Impact"},{"l":"1. Enhancing Digital Identity Management","p":["The EUDI SDK facilitates seamless integration of the European Digital Identity (EUDI) Wallet into applications, allowing users to verify their identity securely and efficiently. This improves trust in online services and reduces reliance on traditional authentication methods."]},{"i":"2-strengthening-security--privacy","l":"2. Strengthening Security & Privacy","p":["By leveraging cryptographic attestations, the SDK minimizes risks associated with identity fraud and unauthorized access. Users have greater control over their personal data, sharing only what is necessary for a specific service."]},{"l":"3. Streamlining Authentication Processes","p":["The SDK eliminates cumbersome identity verification procedures, replacing them with a standardized, user-friendly authentication system. This reduces friction in user onboarding and login experiences."]},{"l":"4. Enabling Compliance with EU Regulations","p":["The EUDI SDK aligns with EU regulations on digital identity and data protection, helping businesses and institutions comply with legal requirements while improving user experience."]},{"l":"5. Reducing Administrative Overhead","p":["Organizations can rely on the SDK to automate identity verification, reducing manual processing time and administrative costs. This is particularly beneficial for sectors like banking, healthcare, and government services."]},{"l":"6. Encouraging Interoperability","p":["The SDK supports various attestations (e.g., Age Over 18, IBAN, Health ID), making it adaptable for multiple use cases across industries. Its interoperability ensures smooth adoption within the broader European digital identity ecosystem."]},{"l":"7. Empowering Users with Self-Sovereign Identity","p":["By allowing individuals to manage and share their identity credentials digitally, the SDK promotes self-sovereign identity principles, granting users more autonomy over their digital presence."]},{"l":"8. Driving Digital Transformation","p":["Adoption of the EUDI SDK accelerates digital transformation efforts by replacing legacy authentication methods with a modern, standardized digital identity solution. This fosters innovation in both public and private sectors."]}],[{"l":"References","p":["cbor-x","qrcode"]}]] \ No newline at end of file diff --git a/sitemap.xml.gz b/sitemap.xml.gz index 4189945..d1a0629 100644 Binary files a/sitemap.xml.gz and b/sitemap.xml.gz differ